package cn.forge.mall.framework.security.config;

import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;

import javax.annotation.Resource;

@AutoConfiguration
@EnableConfigurationProperties(ModuleSecurityProperties.class)
public class GlobalAuthorizeCustomizerConfiguration {

    @Resource
    private ModuleSecurityProperties moduleSecurityProperties;

    @Bean
    public AuthorizeRequestsCustomizer moduleSecurityCustomizer() {
        return new AuthorizeRequestsCustomizer() {
            @Override
            public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {
                // 设置统一的 PREFIX 安全规则
                registry.antMatchers(moduleSecurityProperties.getUnauthenticatedPrefix() + "/**").permitAll();
            }
        };
    }
}
